Scan in document into fax machine and 
identify intended recipient. 






Request and obtain a copy of the intended 
recipient's Certificate from Ldap. 






Select a session key for use in 
communication with the intended recipient. 



Encrypt the document using 
the selected session key. 



Encrypt a copy of the session key with 
the public key of the intended recipient 
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Send encrypted document, encrypted session key and intended 
recipient's Certificate to receiving fax machine (RFM). 



Figure 2a 



RFM receives the encrypted document, the encrypted key and 
the intended recipient's Certificate and stores these in memory. 



RFM requests the intended recipient to input their smart 
card containing the intended recipient's private key. 



Encrypted session key passed to smart card and 
decoded using intended recipient's private key. 
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Decoded session key returned to RFM and used 
to decrypt the encrypted fax document. 




Check validity of certificate 
or chain of certificates. 
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Intended recipient not validated so 
do not print out received document 
















Notify person attempting to access received 
document that they are not authorised 



Intended recipient validated so 
print out document. 
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Figure 2b 



Document 



Sending Fax Machine 



Hash 
Algorithm 
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Doc Certificate 



Digest 



Receiving Fax Machine 



Hash 
Algorithm 




Store of 
documents 



Store of 
certificates 
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Figure 4 



Scan in document into fax 
machine 



Create Digest of Document 




Confirm sender's smart card 
using PIN or a biometric 
check 





Encrypt Digest using 
private key of signer 




Request and obtain 
Certificate of signer 
including his public key 



Send document together 
with Certificate of signer 
and Digest 



Figure 5 



Receive document, Digest 
and Certificate of sender. 
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Extract public key of sender 
and use to decode Digest. 



Redigest document using 
same hash algorithm. 




The sender of the document 
and its contents are verified 
and can be relied upon. 
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The sender of the document or 
its contents cannot be verified 
and cannot be relied upon. 



Print verifying mark on 
paper copy of document 
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FiRure 6 



A's Fax Machine 
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B's Fax Machine 




Certificates 
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C's Fax Machine 




Certificates 
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Figure 7 



A sends its own Certificate a random integer 
'nonceA' and a request for C's Certificate to C. 



C receives request, A's Certificate and nonceA. | ^--^ 164 



Are Certs equivalent? 



C encrypts nonceA with its private key. f ^-^-i' 



C sends encrypted nonceA together with its digital 
Certificate and a new random integer 'nonceC to A. 
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A receives request, C's Certificate and nonceC. j "*-*-*! 74 




A decodes the encrypted nonceA using C's public key and 
compares this with a previously stored version of nonceA. 




A encrypts nonceC^vith its private key. ^ 
A sends encrypted nonceC to C. J 1 84 




Figure 8 



